<?php
/***************************************************************************
 *
 *   copyright            : (C) 2011 Winds of Storm
 *
 *   $Id: phpbb_fal.php 131 2011-06-12 20:24:56Z stormerider $
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Function taken from phpBB2 includes/functions.php
//
function encode_ip ($dotquad_ip) {
    $ip_sep = explode('.', $dotquad_ip);
    return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}

$smilies_limit          = "ORDER BY smilies_id LIMIT 0,21";
$smile_pattern_field    = "code";
$smile_url_field        = "smile_url";
$users_table            = $config['FORUM_DB_PREFIX'] . "users";
$smilies_table          = $config['FORUM_DB_PREFIX'] . "smilies";
$group_table            = $config['FORUM_DB_PREFIX'] . "user_group";
$ban_table              = $config['FORUM_DB_PREFIX'] . "banlist";

$avatars_html_path      = $config['FORUM_BASE_URL'] . "images/avatars/";
$smilies_path           = $config['FORUM_BASE_URL'] . "images/smiles/";
if (isset($config['FORUM_SMILIES_PATH']) && $config['FORUM_SMILIES_PATH'] != '') {
    $smilies_path       = $config['FORUM_SMILIES_PATH'];
}
$smilies_all_url        = $config['FORUM_BASE_URL'] . "posting.php?mode=smilies";

function getAvatar($userinfo) {
    // returns URL to the avatar to display for the user
    global  $db2;
    global  $dbprefix;
    global  $config;
    global  $avatars_html_path;

    if ($userinfo['avatar'] != "" && $userinfo['avatar'] != "noavatar") {
        if (!eregi("://", $userinfo['avatar'])) {
            // http://fantasticbyways.lunarpages.com/forums/html/avatars/IPB_Community_Pack/Meow.gif
            $avatar = $avatars_html_path . $userinfo['avatar'];
        } else {
            $avatar = $userinfo['avatar'];
        }
        $avatar = addslashes($avatar);
    }

    return $avatar;
}

function getProfileURL($userinfo) {
    global  $config;

    $url    = $config['FORUM_BASE_URL'] . "profile.$phpEx?mode=viewprofile&u=" . $userinfo['userid'];
    return $url;
}

function checkAuth($username, $password, $modGroup, $checkAdmin) {
    // success: return user info array
    // failure: return error string
    global  $db2;
    global  $users_table;
    global  $group_table;

    if ($modGroup != -1) {
        $sql_g1 = ",g.group_id";
        $sql_g2 = "
                LEFT JOIN $group_table AS g ON u.user_id=g.user_id AND
                g.group_id=$modGroup AND
                g.user_pending=0";
    }

    $pw5    = md5($password);
    $sql    = "SELECT u.*$sql_g1
                FROM
                $users_table AS u $sql_g2
                WHERE
                username LIKE '$username' AND
                user_password='$pw5'";

    $str_sql    = ereg_replace("\t", "", $sql);
    $str_sql    = ereg_replace("\n", " ", $str_sql);
    addToLog("authLogin: Login SQL -- $str_sql");

    $result = $db2->sql_query($sql);
    if (!$result) {
        return "Error authenticating account, please try back later.";
    }

    if (($row = $db2->sql_fetchrow($result)) == NULL) {
        addToLog("Login failed from " . $_SERVER['REMOTE_ADDR'] . " (" . $_SERVER['HTTP_USER_AGENT'] . ") -- user $username"); # . " -- pass $password");
        return "Error logging in: possible reasons are an invalid username or authentication failure.";
    }

    if ($row['user_active'] != 1) {
        return "Error logging in: account is inactive.";
    }

    $userinfo['user_id']    = $row['user_id'];
    $userinfo['username']   = $row['username'];
    $userinfo['moderator']  = 0;
    if (($row['group_id'] == $modGroup) || ($row['user_level'] == 1)) {
        $userinfo['moderator']  = 1;
    }
    $userinfo['avatar'] = $row['user_avatar'];

    if ($checkAdmin && $row['user_level'] != 1) {
        return "Error logging in: account is not an administrator.";
    }

    $sql    = "UPDATE ${dbprefix}prefs SET user_lastvisit_chat=UNIX_TIMESTAMP(NOW()) WHERE user_id={$row['user_id']}";
    $db2->sql_query($sql);

    return  $userinfo;
}

function checkBoardBan($ip, $userid) {
    // returns boolean result
    global  $db2;
    global  $dbprefix;
    global  $config;
    global  $ban_table;

    // check to make sure that this user and/or the users IP are not banned
    $eip    = encode_ip($ip);
    $sql    = "SELECT * FROM $ban_table WHERE ban_userid=$userid OR ban_ip='$eip'";
    $result = $db2->sql_query($sql);
    
    if (!$result) {
        show_login("Error checking ban listings, please try back later.");
        exit;
    }

    if ($db2->sql_numrows($result) > 0) {
        return TRUE;
    }

    return FALSE;
}

function checkValidAlias($alias, $uid) {
    // returns boolean result
    global  $db2;
    global  $users_table;

    $sql    = "SELECT * FROM $users_table WHERE username LIKE '$alias' AND user_id != $uid";
    $result = $db2->sql_query($sql);
    if ((($row = $db2->sql_fetchrow($result)) != NULL) && ($uid != 2)) {
        return -2;
    }
}

function showModeratorGroups($gid) {
	global	$db2;
	global	$config;

    $sql	= "SELECT * FROM {$config['FORUM_DB_PREFIX']}groups WHERE group_single_user!=1 ORDER BY group_name";
    addToLog("showModeratorGroups: $sql");
    $res	= $db2->sql_query($sql);
    $groups = '';
    while ($row = $db2->sql_fetchrow($res)) {
    	$groups .= "<option value={$row['group_id']}";
    	if ($row['group_id'] == $gid) {
    		$groups .= " SELECTED";
    	}
    	$groups .= ">{$row['group_name']}</option>\n";
    }

    return $groups;
}

